DevOps & Security Engineer

Job Title: DevOps & Security Engineer

Company: Aerosimple

Website: https://www.aerosimple.com

Job Description:

Aerosimple is seeking a DevOps & Security Engineer to manage and automate deployments,

infrastructure, and cloud services while ensuring security best practices. The ideal candidate will

be responsible for CI/CD pipeline management, AWS services configuration, security hardening,

and serverless architecture deployment using the Serverless Framework. The role requires

expertise in Jenkins, AWS, CloudFormation, Linux server management, security policies,

and shell scripting.

Key Responsibilities:

Jenkins & CI/CD Management:

Configure and manage Jenkins for continuous integration and delivery.

Develop, modify, and optimize Jenkins jobs.

Write and maintain shell scripts for automation and build processes.

Monitor and troubleshoot Jenkins pipeline failures and optimize performance.

Serverless & Infrastructure as Code:

Write and modify Serverless Framework YAML declarations.

Create and manage CloudFormation templates for infrastructure automation.

Deploy and manage AWS Lambda functions, API Gateway, and supporting resources.

AWS Cloud Services Management:

Configure and manage Route 53, including DNS zones and domain management.

Maintain and optimize S3 storage configurations.

Deploy and manage CloudFront distributions and caching strategies.

Provision AWS ACM certificates and manage SSL/TLS configurations.

Administer AWS Cognito for user authentication and identity pools.

Configure ALB (Application Load Balancer), listeners, and target groups.

Set up VPC networking, including subnets, routing tables, gateways, and peering

connections.

Manage API Gateway, including custom authorizers and request validation.

Deploy and configure Lambda functions, including cron jobs and event-driven

architectures.

Optimize and scale ECS Fargate workloads and container deployments.

Secure EC2 instances, implement monitoring, and manage security policies.

Configure CloudWatch logs, log groups, and monitoring alerts.

Develop and maintain IAM roles, policies, and security configurations.

Deploy and manage DynamoDB tables, indexes, and configurations.

Optimize and maintain Aurora Serverless, including backups and scaling

configurations.

Configure AWS Pinpoint for customer engagement and messaging.

Manage SNS topics and subscriptions for event-driven architectures.

Linux Server Management:

Configure and maintain Linux servers for development and production environments.

Write and optimize shell scripts for automation and server maintenance.

Perform security updates, monitoring, and performance tuning.

Troubleshoot server issues and optimize system resources.

Security & Compliance:

Implement security best practices across cloud infrastructure and CI/CD pipelines.

Ensure IAM roles, permissions, and policies follow the principle of least privilege.

Manage network security, including security groups, NACLs, and VPN configurations.

Monitor security logs and set up alerts for intrusion detection and anomaly detection.

Ensure compliance with security frameworks (e.g., ISO 27001, SOC2, NIST, CIS

Benchmarks).

Implement encryption mechanisms for data at rest and in transit.

Conduct regular security audits and vulnerability assessments.

Implement WAF (Web Application Firewall) for protection against web threats.

Required Skills & Qualifications:

3+ years of experience in a DevOps or Cloud Engineering role with a strong focus on

security.

Strong knowledge of AWS cloud services and infrastructure automation.

Experience with Jenkins CI/CD pipeline setup and management.

Proficiency in Shell scripting, Python, or other scripting languages.

Hands-on experience with Serverless Framework and CloudFormation.

Deep understanding of networking concepts (VPC, DNS, Load Balancers, etc.).

Experience with containerized applications on ECS Fargate.

Strong Linux system administration skills.

Knowledge of security best practices and IAM configurations.

Experience with security monitoring tools (e.g., AWS Guard Duty, Security Hub, SIEM

solutions).

Preferred Qualifications:

Experience with CloudFormation for infrastructure automation.

Knowledge of Docker and container architecture.

Understanding of microservices architecture and event-driven architectures.

Certifications such as AWS Certified Security Specialty, CISSP, or Certified Ethical

Hacker (CEH) are a plus.